Suricata Rule Management #863
Unanswered
silverbakk
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello - thanks for taking the time to read and respond to this.
At the moment I am having issues attempting to disable some of the Suricata rules and keep them disabled. I have edited the disable.conf and enable.conf files in the suricata container itself and ran suricata-update, which appeared to enable and disable what was expected. However, the container itself seems to be re-built every day and overwriting the container configuration files. I then tried to edit these configuration files in '/opt/tpot/docker/suricata/dist' and '/opt/tpotce/docker/suricata/dist' hoping the container would pull these from the host and always have them but this did not work either.
Does anyone have any suggestions on how to keep these configuration files persistent for each container rebuild?
Beta Was this translation helpful? Give feedback.
All reactions